diff --git a/hosts/m3-atlas/services/containers/baserow.nix b/hosts/m3-atlas/services/containers/baserow.nix index 02bf0af..2868160 100644 --- a/hosts/m3-atlas/services/containers/baserow.nix +++ b/hosts/m3-atlas/services/containers/baserow.nix @@ -15,12 +15,21 @@ ]; routers.baserow = { - rule = "Host(`br.m3tam3re.com`)"; + rule = "Host(`br.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "baserow"; entrypoints = "websecure"; }; + routers.baserow-old = { + rule = "Host(`br.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "baserow"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/hosts/m3-atlas/services/containers/ghost.nix b/hosts/m3-atlas/services/containers/ghost.nix index 3d64cb3..166a21a 100644 --- a/hosts/m3-atlas/services/containers/ghost.nix +++ b/hosts/m3-atlas/services/containers/ghost.nix @@ -13,14 +13,25 @@ url = "http://localhost:3002/"; } ]; - - routers.ghost = { - rule = "Host(`www.m3tam3re.com`)"; - tls = { - certResolver = "godaddy"; + routers = { + ghost = { + rule = "Host(`m3ta.dev`)"; + tls = { + certResolver = "godaddy"; + }; + service = "ghost"; + entrypoints = "websecure"; + middlewares = ["strip-www"]; + }; + ghost-old = { + rule = "Host(`www.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "ghost"; + entrypoints = "websecure"; + middlewares = ["domain-redirect"]; }; - service = "ghost"; - entrypoints = "websecure"; }; }; } diff --git a/hosts/m3-atlas/services/containers/restreamer.nix b/hosts/m3-atlas/services/containers/restreamer.nix index 640462b..960c098 100644 --- a/hosts/m3-atlas/services/containers/restreamer.nix +++ b/hosts/m3-atlas/services/containers/restreamer.nix @@ -25,7 +25,7 @@ ]; routers.restreamer = { - rule = "Host(`stream.m3tam3re.com`)"; + rule = "Host(`stream.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; diff --git a/hosts/m3-atlas/services/gitea.nix b/hosts/m3-atlas/services/gitea.nix index 7a2f218..0736079 100644 --- a/hosts/m3-atlas/services/gitea.nix +++ b/hosts/m3-atlas/services/gitea.nix @@ -2,7 +2,7 @@ services.gitea = { enable = true; settings = { - server.ROOT_URL = "https://code.m3tam3re.com"; + server.ROOT_URL = "https://code.m3ta.dev"; service.DISABLE_REGISTRATION = true; }; lfs.enable = true; @@ -22,12 +22,21 @@ ]; routers.gitea = { - rule = "Host(`code.m3tam3re.com`)"; + rule = "Host(`code.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "gitea"; entrypoints = "websecure"; }; + routers.gitea-old = { + rule = "Host(`code.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "gitea"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/hosts/m3-atlas/services/n8n.nix b/hosts/m3-atlas/services/n8n.nix index 6d49c69..af10765 100644 --- a/hosts/m3-atlas/services/n8n.nix +++ b/hosts/m3-atlas/services/n8n.nix @@ -1,9 +1,11 @@ -{ +{config, ...}: { services.n8n = { enable = true; webhookUrl = "https://wf.m3tam3re.com"; }; - + systemd.services.n8n.serviceConfig = { + EnvironmentFile = ["${config.age.secrets.n8n-env.path}"]; + }; # Traefik configuration specific to n8n services.traefik.dynamicConfigOptions.http = { services.n8n.loadBalancer.servers = [ @@ -13,7 +15,7 @@ ]; routers.n8n = { - rule = "Host(`wf.m3tam3re.com`)"; + rule = "Host(`wf.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; diff --git a/hosts/m3-atlas/services/searx.nix b/hosts/m3-atlas/services/searx.nix index 6600c50..8998eb9 100644 --- a/hosts/m3-atlas/services/searx.nix +++ b/hosts/m3-atlas/services/searx.nix @@ -17,12 +17,21 @@ ]; routers.searx = { - rule = "Host(`search.m3tam3re.com`)"; + rule = "Host(`search.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "searx"; entrypoints = "websecure"; }; + routers.searx-old = { + rule = "Host(`search.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "searx"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/hosts/m3-atlas/services/traefik.nix b/hosts/m3-atlas/services/traefik.nix index d25de91..acb312d 100644 --- a/hosts/m3-atlas/services/traefik.nix +++ b/hosts/m3-atlas/services/traefik.nix @@ -12,7 +12,10 @@ dnsChallenge = { provider = "godaddy"; resolvers = ["1.1.1.1:53" "8.8.8.8:53"]; - propagation.delayBeforeChecks = 120; + propagation = { + delayBeforeChecks = 60; + disableChecks = true; + }; }; }; }; @@ -39,7 +42,35 @@ }; dynamicConfigOptions = { http = { + services = { + dummy = { + loadBalancer.servers = [ + {url = "http://192.168.0.1";} # Diese URL wird nie verwendet + ]; + }; + }; middlewares = { + domain-redirect = { + redirectRegex = { + regex = "^https://www\\.m3tam3re\\.com(.*)"; + replacement = "https://m3ta.dev$1"; + permanent = true; + }; + }; + strip-www = { + redirectRegex = { + regex = "^https://www\\.(.+)"; + replacement = "https://$1"; + permanent = true; + }; + }; + subdomain-redirect = { + redirectRegex = { + regex = "^https://([a-zA-Z0-9-]+)\\.m3tam3re\\.com(.*)"; + replacement = "https://$1.m3ta.dev$2"; + permanent = true; + }; + }; auth = { basicAuth = { users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."]; diff --git a/hosts/m3-atlas/services/wastebin.nix b/hosts/m3-atlas/services/wastebin.nix index c67f619..aa69217 100644 --- a/hosts/m3-atlas/services/wastebin.nix +++ b/hosts/m3-atlas/services/wastebin.nix @@ -3,7 +3,7 @@ enable = true; settings = { WASTEBIN_TITLE = "m3tam3re's wastebin"; - WASTEBIN_BASE_URL = "https://bin.m3tam3re.com"; + WASTEBIN_BASE_URL = "https://bin.m3ta.dev"; WASTEBIN_ADDRESS_PORT = "0.0.0.0:3003"; WASTEBIN_MAX_BODY_SIZE = 1048576; }; @@ -17,12 +17,21 @@ ]; routers.wastebin = { - rule = "Host(`bin.m3tam3re.com`)"; + rule = "Host(`bin.m3ta.dev`)"; tls = { certResolver = "godaddy"; }; service = "wastebin"; entrypoints = "websecure"; }; + routers.wastebin-old = { + rule = "Host(`bin.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "wastebin"; + entrypoints = "websecure"; + middlewares = ["subdomain-redirect"]; + }; }; } diff --git a/secrets/baserow-env.age b/secrets/baserow-env.age index 5a31031..4286dec 100644 Binary files a/secrets/baserow-env.age and b/secrets/baserow-env.age differ diff --git a/secrets/ghost-env.age b/secrets/ghost-env.age index 0edf7f0..fc5d45f 100644 Binary files a/secrets/ghost-env.age and b/secrets/ghost-env.age differ diff --git a/secrets/n8n-env.age b/secrets/n8n-env.age index cd14d35..2f81c7d 100644 Binary files a/secrets/n8n-env.age and b/secrets/n8n-env.age differ